I have an HP MSM410 wireless access point and when I first configured it I couldn't access any other devices on the network, but I could access the internet fine. I figured out that this was because the wireless security mode was restricting traffic to only the default gateway for the router. I do have WPA encryption in place.
For now I have turned off wireless security because I need wireless users to be able to access shares and printers. I have the network protected by WPA encryption. It seems ok to me to turn off the wireless security here but I am interested in here what other professionals have to say.
I want to protect my network best as possible with out inconveniencing the users.
Your best bet will be to tie authentication to a RADIUS server which handles your org-wide user credentials. The "Features" tab of the product page seems to indicate that it supports RADIUS:
The advantage is that staff simply log in with their standard credentials; the disadvantage is retrofitting RADIUS to your entire infrastructure, but hopefully you already have a central authentication system like AD/LDAP that RADIUS can simply plug in to.
It might be possible to set up some sort of "guest access" mode where unauthenticated clients have restricted access, but I've not ever used any of those sort of setups (Cisco seem to be the market leader in that sort of stuff).